5.1
Table Of Contents
- vShield Administration Guide
- Contents
- vShield Administration Guide
- Overview of vShield
- vShield Manager User Interface Basics
- Management System Settings
- Edit DNS Servers
- Edit the vShield Manager Date and Time
- Edit Lookup Service Details
- Edit vCenter Server
- Specify Syslog Server
- Download Technical Support Logs for vShield
- Add an SSL Certificate to Identify the vShield Manager Web Service
- Add a Cisco Switch to vShield Manager
- Working with Services and Service Groups
- Grouping Objects
- User Management
- Updating System Software
- Backing Up vShield Manager Data
- System Events and Audit Logs
- VXLAN Virtual Wires Management
- Preparing your Network for VXLAN Virtual Wires
- Create a VXLAN Virtual Wire
- Connect Virtual Machines to a VXLAN Virtual Wire
- Test VXLAN Virtual Wire Connectivity
- Viewing Flow Monitoring Data for a VXLAN Virtual Wire
- Working with Firewall Rules for VXLAN Virtual Wires
- Prevent Spoofing on a VXLAN Virtual Wire
- Editing Network Scopes
- Edit a VXLAN Virtual Wire
- Sample Scenario for Creating VXLAN Virtual Wires
- vShield Edge Management
- View the Status of a vShield Edge
- Configure vShield Edge Settings
- Managing Appliances
- Working with Interfaces
- Working with Certificates
- Managing the vShield Edge Firewall
- Managing NAT Rules
- Working with Static Routes
- Managing DHCP Service
- Managing VPN Services
- IPSec VPN Overview
- Configuring IPSec VPN Service
- Edit IPSec VPN Service
- Delete IPSec Service
- Enable IPSec Service
- Disable IPSec Service
- vShield Edge VPN Configuration Examples
- SSL VPN-Plus Overview
- Configure Network Access SSL VPN-Plus
- Configure Web Access SSL VPN-Plus
- Working with IP Pools
- Working with Private Networks
- Working with Installation Packages
- Working with Users
- Edit Client Configuration
- Working with Login and Logoff Scripts
- SSL VPN-Plus Logs
- Edit General Settings
- Edit Web Portal Design
- IPSec VPN Overview
- Managing Load Balancer Service
- About High Availability
- Configure DNS Servers
- Configure Remote Syslog Servers
- Change CLI Credentials
- Upgrade vShield Edge to Large or X-Large
- Download Tech Support Logs for vShield Edge
- Synchronize vShield Edge with vShield Manager
- Redeploy vShield Edge
- Service Insertion Management
- vShield App Management
- Sending vShield App System Events to a Syslog Server
- Viewing the Current System Status of a vShield App
- Restart a vShield App
- Forcing a vShield App to Synchronize with the vShield Manager
- Viewing Traffic Statistics by vShield App Interface
- Download Technical Support Logs for vShield App
- Configuring Fail Safe Mode for vShield App Firewall
- Excluding Virtual Machines from vShield App Protection
- vShield App Flow Monitoring
- vShield App Firewall Management
- vShield Endpoint Events and Alarms
- vShield Data Security Management
- vShield Data Security User Roles
- Defining a Data Security Policy
- Editing a Data Security Policy
- Running a Data Security Scan
- Viewing and Downloading Reports
- Creating Regular Expressions
- Available Regulations
- Arizona SB-1338
- ABA Routing Numbers
- Australia Bank Account Numbers
- Australia Business and Company Numbers
- Australia Medicare Card Numbers
- Australia Tax File Numbers
- California AB-1298
- California SB-1386
- Canada Social Insurance Numbers
- Canada Drivers License Numbers
- Colorado HB-1119
- Connecticut SB-650
- Credit Card Numbers
- Custom Account Numbers
- EU Debit Card Numbers
- FERPA (Family Educational Rights and Privacy Act)
- Florida HB-481
- France IBAN Numbers
- France National Identification Numbers Policy
- Georgia SB-230 Policy
- Germany BIC Numbers Policy
- Germany Driving License Numbers Policy
- Germany IBAN Numbers Policy
- Germany National Identification Numbers Policy
- Germany VAT Numbers Policy
- Hawaii SB-2290 Policy
- HIPAA (Healthcare Insurance Portability and Accountability Act) Policy
- Idaho SB-1374 Policy
- Illinois SB-1633
- Indiana HB-1101 Policy
- Italy Driving License Numbers Policy
- Italy IBAN Numbers Policy.
- Italy National Identification Numbers Policy
- Kansas SB-196 Policy
- Louisiana SB-205 Policy
- Maine LD-1671 Policy
- Massachusetts CMR-201
- Minnesota HF-2121
- Montana HB-732
- Netherlands Driving Licence Numbers
- Nevada SB-347
- New Hampshire HB-1660
- New Jersey A-4001
- New York AB-4254
- New Zealand Inland Revenue Department Numbers
- New Zealand Ministry of Health Numbers
- Ohio HB-104
- Oklahoma HB-2357
- Patient Identification Numbers
- Payment Card Industry Data Security Standard (PCI-DSS)
- Texas SB-122
- UK BIC Numbers
- UK Driving Licence Numbers
- UK IBAN Numbers
- UK National Health Service Numbers
- UK National Insurance Numbers (NINO)
- UK Passport Numbers
- US Drivers License Numbers
- US Social Security Numbers
- Utah SB-69
- Vermont SB-284
- Washington SB-6043
- Available Content Blades
- ABA Routing Number Content Blade
- Admittance and Discharge Dates Content Blade
- Alabama Drivers License Content Blade
- Alaska Drivers License Content Blade
- Alberta Drivers Licence Content Blade
- Alaska Drivers License Content Blade
- Alberta Drivers Licence Content Blade
- American Express Content Blade
- Arizona Drivers License Content Blade
- Arkansas Drivers License Content Blade
- Australia Bank Account Number Content Blade
- Australia Business Number Content Blade
- Australia Company Number Content Blade
- Australia Medicare Card Number Content Blade
- Australia Tax File Number Content Blade
- California Drivers License Number Content Blade
- Canada Drivers License Number Content Blade
- Canada Social Insurance Number Content Blade
- Colorado Drivers License Number Content Blade
- Connecticut Drivers License Number Content Blade
- Credit Card Number Content Blade
- Credit Card Track Data Content Blade
- Custom Account Number Content Blade
- Delaware Drivers License Number Content Blade
- EU Debit Card Number Content Blade
- Florida Drivers License Number Content Blade
- France Driving License Number Content Blade
- France BIC Number Content Blade
- France IBAN Number Content Blade
- France National Identification Number Content Blade
- France VAT Number Content Blade
- Georgia Drivers License Number Content Blade
- Germany BIC Number Content Blade
- Germany Driving License Number Content Blade
- Germany IBAN Number Content Blade
- Germany National Identification Numbers Content Blade
- Germany Passport Number Content Blade
- Germany VAT Number Content Blade
- Group Insurance Numbers Content Blade
- Hawaii Drivers License Number Content Blade
- Italy National Identification Numbers Content Blade
- Health Plan Beneficiary Numbers
- Idaho Drivers License Number Content Blade
- Illinois Drivers License Number Content Blade
- Indiana Drivers License Number Content Blade
- Iowa Drivers License Number Content Blade
- Index of Procedures Content Blade
- Italy Driving License Number Content Blade
- Italy IBAN Number Content Blade
- ITIN Unformatted Content Blade
- Kansas Drivers License Number Content Blade
- Kentucky Drivers License Number Content Blade
- Louisiana Drivers License Number Content Blade
- Maine Drivers License Number Content Blade
- Manitoba Drivers Licence Content Blade
- Maryland Drivers License Number Content Blade
- Massachusetts Drivers License Number Content Blade
- Michigan Drivers License Number Content Blade
- Minnesota Drivers License Number Content Blade
- Mississippi Drivers License Number Content Blade
- Missouri Drivers License Number Content Blade
- Montana Drivers License Number Content Blade
- NDC Formulas Dictionary Content Blade
- Nebraska Drivers License Number Content Blade
- Netherlands Driving Licence Number Content Blade
- Netherlands IBAN Number Content Blade
- Netherlands National Identification Numbers Content Blade
- Netherlands Passport Number Content Blade
- Nevada Drivers License Number Content Blade
- New Brunswick Drivers Licence Content Blade
- New Hampshire Drivers License Number Content Blade
- New Jersey Drivers License Number Content Blade
- New Mexico Drivers License Number Content Blade
- New York Drivers License Number Content Blade
- New Zealand Health Practitioner Index Number Content Blade
- New Zealand Inland Revenue Department Number
- New Zealand National Health Index Number Content Blade
- Newfoundland and Labrador Drivers Licence Content Blade
- North Carolina Drivers License Number Content Blade
- North Dakota Drivers License Number Content Blade
- Nova Scotia Drivers Licence Content Blade
- Ohio Drivers License Number Content Blade
- Oklahoma License Number Content Blade
- Ontario Drivers Licence Content Blade
- Oregon License Number Content Blade
- Patient Identification Numbers Content Blade
- Pennsylvania License Number Content Blade
- Prince Edward Island Drivers Licence Content Blade
- Protected Health Information Terms Content Blade
- Quebec Drivers Licence Content Blade
- Rhode Island License Number Content Blade
- Saskatchewan Drivers Licence Content Blade
- SIN Formatted Content Blade
- SIN Unformatted Content Blade
- SSN Formatted Content Blade
- SSN Unformatted Content Blade
- South Carolina License Number Content Blade
- South Dakota License Number Content Blade
- Spain National Identification Number Content Blade
- Spain Passport Number Content Blade
- Spain Social Security Number Content Blade
- Sweden IBAN Number Content Blade
- Sweden Passport Number Content Blade
- Tennessee License Number Content Blade
- UK BIC Number Content Blade
- UK Driving License Number Content Blade
- UK IBAN Number Content Blade
- UK National Health Service Number Content Blade
- UK NINO Formal Content Blade
- UK Passport Number Content Blade
- Utah License Number Content Blade
- Virginia License Number Content Blade
- Visa Card Number Content Blade
- Washington License Number Content Blade
- Wisconsin License Number Content Blade
- Wyoming License Number Content Blade
- Supported File Formats
- Troubleshooting
- Index
Working with Certificates
vShield Edge supports self-signed certificates, certificates signed by a Certification Authority (CA), and
certificates generated and signed by a CA.
Configure a CA Signed Certificate
You can generate a CSR and get it signed by a CA. If you generate a CSR at the global level, it is available to
all vShield Edges in your inventory.
Procedure
1 In the vSphere Client, select Inventory > Hosts & Clusters.
Option Description
To generate a global certificate
a Click Settings & Reports from the vShield Manager inventory panel.
b Click the SSL Certificate tab.
To generate a certificate for a vShield
Edge
a Select a datacenter resource from the inventory panel.
b Click the Network Virtualization tab.
c Click the Edges link.
d Double-click a vShield Edge.
e Click the Configure tab.
f Click the Certificates link.
g Click Actions and select Generate CSR.
2 Type your organization unit and name.
3 Type the locality, street, state, and country of your organization.
4 Select the encryption algorithm for communication between the hosts.
Note that SSL VPN-Plus only supports RSA certificates.
5 Edit the default key size if required.
6 For a global certificate, type a description for the certificate.
7 Click Generate (at global level) or OK (at vShield Edge level).
The CSR is generated and displayed in the Certificates list.
8 Have an online Certification Authority sign this CSR.
9 Import the signed certificate.
Option Description
To import a signed certificate at the
global level
a In the SSL Certificates tab of the vShield Manager user interface, click
next to Import Signed Certificate.
b Click Browse and select the CSR file.
c Select the certificate type.
d Click Apply.
To generate a certificate for a vShield
Edge
a Copy the contents of the signed certificate.
b In the Certificates tab, click Actions and select Import Certificate.
c In the Import CSR dialog box, paste the contents of the signed certificate.
d Click OK.
The CA signed certificate appears in the certificates list.
Chapter 9 vShield Edge Management
VMware, Inc. 67